Hi Althaf,
specifications, however I realised it's an adaptive framework. I will give a notion of what I had expected: well, I envisioned it to be one like DDEkit, or a Secure Userspace Execution Environment kit (SUEEkit) over 'any' mono/micro/hypervisor kernel. Though it is correct, I conclude from your reply that there is no solid bottom-layer specification?
The Base API can be regarded as a "bottom-layer specification" of the whole system (its implementation is typically less than 10 KLOC), but there is no fixed base-internal interface. This gives each platform maximum flexibility about how the API is implemented. Given the vast differences of the mechanisms used, this flexibility is needed. E.g., by comparing the ways processes are created and address spaces are managed on Linux and L4, you will see that the respective base code has almost nothing in common. On Linux, 'rm_session()->attach()' is implemented locally by the calling process using mmap. In contrast, on L4, the same API function is an RPC to core, which, in turn, manipulates the address space on demand (using L4's map/unmap) when a page fault occurs.
About my requirement: well, I would like to adapt Genode for daily use (in the long run) over a stripped-down Linux, i.e. not related to the current base-linux, which is only a dev / proof-of-concept platform rather than one complying with Genode policy. I actually wondered why the Genode port to Linux was using sockets rather than other secure Linux mechanisms like shared memory et al. Now I understand why. ;-)
Thanks for this very interesting insight. Is your idea in line with the topic "Microkernelizing Linux" described on our "Challenges" Wiki page?
http://genode.org/community/wiki/Challenges
Let me suggest two pointers that we stumbled upon when we brainstormed this idea. First, we were pointed to Linux's "resource containers", which promise to allow the assignment of fine-grained resource constraints to individual processes. This looks like an interesting mechanism to support Genode's resource-trading concept. Secondly, we were made aware of the Capsicum project, which brings capability-based security to Linux.
http://www.cl.cam.ac.uk/research/security/capsicum/
This looks like it may fit for securing the IPC communication between Genode processes on Linux.
Best regards,
Norman
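The contrast Norman draws between the Linux and L4 implementations of 'rm_session()->attach()' can be made concrete with a small added illustration. The C program below is not Genode code and not part of this thread; it is an editor's example of the process-local path base-linux can take: the calling process asks its own kernel for the mapping via mmap, with no RPC to core. The 'struct dataspace', 'dataspace_create' and 'rm_attach' names are hypothetical stand-ins for a dataspace capability and the attach call, and a temporary file stands in for the kernel object behind a dataspace; all input data is constructed inline. The second attach of the same backing object also shows why a dataspace works as shared memory between Linux processes even though Genode's RPC path on Linux goes over sockets.

```c
/*
 * Added illustration (not Genode's base-linux code): a process-local
 * "attach" of a dataspace using mmap. On L4 the equivalent call is an
 * RPC to core, which maps pages lazily on the first page fault; on Linux
 * the kernel already does the address-space work, so the caller can do
 * the attach itself.
 */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for a dataspace capability: on Linux the object
 * behind it is simply a file descriptor that supports shared mappings. */
struct dataspace { int fd; size_t size; };

/* Create a backing object of 'size' bytes (constructed fixture, not a
 * Genode API). An unlinked temporary file plays the role of the memory. */
static int dataspace_create(struct dataspace *ds, size_t size)
{
    char path[] = "/tmp/ds-XXXXXX";
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                               /* anonymous once unlinked */
    if (ftruncate(fd, (off_t)size) != 0) { close(fd); return -1; }
    ds->fd = fd;
    ds->size = size;
    return 0;
}

/*
 * Process-local attach: no RPC, the calling process asks its own kernel
 * for the mapping. 'offset' must be page aligned and the window must lie
 * inside the dataspace; both checks happen locally rather than in a
 * server. size == 0 means "the rest of the dataspace". Returns the local
 * address or NULL.
 */
static void *rm_attach(const struct dataspace *ds, size_t size, off_t offset)
{
    long page = sysconf(_SC_PAGESIZE);
    if (offset < 0 || (size_t)offset >= ds->size) return NULL;
    if (size == 0) size = ds->size - (size_t)offset;
    if (offset % page != 0 || (size_t)offset + size > ds->size) return NULL;
    void *p = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_SHARED, ds->fd, offset);
    return p == MAP_FAILED ? NULL : p;
}

static int rm_detach(void *addr, size_t size) { return munmap(addr, size); }

/*
 * Two attaches of the same backing object alias the same bytes: a write
 * through the first view is visible through the second. Returns 1 when
 * aliasing works and a misaligned offset is rejected, 0 otherwise, -1 on
 * setup failure.
 */
static int demo_alias(void)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    struct dataspace ds;
    if (dataspace_create(&ds, 2 * page) != 0) return -1;

    uint8_t *a = rm_attach(&ds, 0, 0);                  /* whole dataspace */
    uint8_t *b = rm_attach(&ds, page, (off_t)page);     /* second page only */
    if (!a || !b) { close(ds.fd); return -1; }

    memcpy(a + page, "hello", 6);                       /* write via view a */
    int same = (memcmp(b, "hello", 6) == 0);            /* read via view b  */

    int rejected = (rm_attach(&ds, 0, 123) == NULL);    /* misaligned offset */

    rm_detach(a, ds.size);
    rm_detach(b, page);
    close(ds.fd);
    return (same && rejected) ? 1 : 0;
}

int main(void)
{
    printf("local attach / alias demo: %s\n", demo_alias() == 1 ? "ok" : "failed");
    return 0;
}
```

The point of the example is what is absent: there is no message to any core process, because the address-space manipulation that core performs on L4 via map/unmap is here a plain system call of the attaching process. A real base-linux attach also has to handle use_local_addr and executable flags, which this sketch leaves out.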